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(54) Short-distance wireless connections In a network 



(57) The present invention relates to a method for 
authentication of short-distance wireless connection 
setup and encryption of a connection set up between 
two or more mobile terminals in a digital mobile commu- 
nication network. According to the Invention, the MSiS- 
DN subscriber number of the first terminal is utilized for 
Identification of the first temriinal by the second terminal, 
a short message inquiry is sent from the terminal select- 
ed as master to the gateway server, a random number 
is generated by the gateway server in response to the 
short message inquiry, the random number generated 
is sent in a response to the short message inquiry from 
the gateway server to both temninals, and the short-dis- 
tance wireless connection set up between the temninals 
is encrypted by utilizing the aforesaid random number 
and encryption keys stored ori the user identity modules 
of the temninals. 
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Description 

FIELD OF THE INVENTION 

[0001] The present invention relates to telecommuni- s 
cation. In particular, the invention relates to a new and 
sophisticated method for authenticating shprt-distance 
wireless connection setup, encrypting a connection set 
up and transmitting presence and location data over 
short-distance wireless connections. io 

PRIOR ART 

[0002] The popularity of wireless terminals, such as 
e.g. mobile stations has increased at a fast tempo during is 
the past ten years, in addition, short-distance wireless 
connections are being introduced. 'Short-distance wire- 
less connection' refers to a connection based on short- 
range radio link technology with a maximum range of 
the order of ten meters, primarily intended for use inside 20 
buildings and preferably so that the transmitter and re- 
ceiver are situated in the same room, said connection 
permitting communication of information arnong more 
than two devices at a time. In particular, short-distance 
wireless connections are designed to replace cable con- 
nections, which are in use at present. Further, short-dis- 
tance wireless connections are designed to replace in- 
frared lihl<s, which involve the disadvantage of a short 
operating range, typically only a couple of meters. More- 
over, infrared linl^s require accurate alignment, and the 30 
transmission path between transmitter and receiver 
must be free of obstacles. In addition, an infrared con- 
nection only permits communication of Information be- 
tween two devices at a time. 

[0003] One of these short-distance wireless connec- 35 
tion technologies is the Bluetooth technology. Bluetooth 
uses a2.4 GHz ISM (industrial Scientific Medicine) band 
for data transfer. In most countries, this frequency band 
lies between 2400-2483,5 MHz. The frequency band is 
divided into 1 MHz channels. The protocol used by Blue- 40 
tooth Is a combination of circuit switching and pacl<et 
switching. Data transfer is implemented using a spread 
spectrum based on frequency hopping. The maximum 
operating range is normally of the order of ten meters. 
By Increasing the transmission power, it is possible to 45 
increase the range up to one hundred meters. Connec- 
tions may be bilateral or multilateral. Bluetooth is pref- 
erably implemented as a microcircult, which is either in- 
tegrated directly in the device utilizing it or installed af- 
terwards as an expansion card. so 
[0004] However, current implementations of short- 
distance wireless connections involve many drawbacks 
that reduce their service value. For example, setting up 
temporary, so-called ad-hoc networks between Blue- 
tooth temiinals Is at present no user-friendly or visually ss 
observable process because present terminals provid- 
ed with Bluetooth are very uninformative when connec- 
tions and temporary networi<s are being set up. For in- 



stance, the other party is only shown as a row. of figures 
resembling a MAC code (Media Access Control), Fur- 
ther, today's Bluetooth technology provides no solution 
to the problem of distribution of encryption l<eys. More- 
over, the transmission of presence and/or location infor- 
mation Is a problem with current short-distance wireless 
connections, in current, solutions, for example, users 
have to update their status tliemselves every time when 
It changes. Furthermore, current implementations pro- 
vide no possibility to associate location data with pres- 
ence data. 



[0005] The object of the present invention is to dis- 
close a new type of method that eliminates the above- 
mentioned drawbacks or at least signrftoantly alleviates 
them. A specific object of the invention is to disclose a 
method that enables authentication of short-distance 
wireless connection setup and encryption of a connec- 
tion set up as well as transmission of presence and lo- 
cation data over short-distance wireless connections. 

BRIEF DESCRIPTION OF THE INVENTION 

[0006] In the present invention for authentication of 
short-distance wireless connection setup and encryp- 
tion of a connection set up between two or more mobile 
terminals in a digital mobile communication networi< 
comprising a number of mobile terminals and a gateway 
sen/er, each of said mobile terminals comprising a sub- 
scriber identity module and a short-distance wireless 
connection hioduie, a short-distance wireless connec- 
tion setup inquiry is sent from a first tenninal to a second 
terminal. Next, the first terminal is identified by the sec- 
ond terminal. On the basis of a predetermined selection 
parameter, one of the terminals is selected as master 
and the other as slave. The digital mobile communica- 
tion network is e.g. a GSM network (Global System for 
Mobile Communication) or a UMTS network (Universal 
Mobile Telecommunications System), it is to be noted 
that the aforesaid digital mobile communication network 
and temporary short-distance wireless network consist- 
ing of terminals utilizing short-distance wireless connec- 
tions are entities Independent of each other. 
[0007] According to the invention, the MSISDN sub- 
scriber number (Mobile Subscriber ISDN) of the first ter- 
minal Is sent together with the short-distance wireless 
connection setup inquiryto the second terminal. Further 
according to the invention, the said MSISDN subscriber 
number of the first terminal is utilized for identification - 
of the first terminal by the second temnlnal. Further ac- 
cording to the invention, a short message inquiry Is sent 
from the terminal selected as master to the gateway 
sender. Further according to the invention, a random 
number is generated by the gateway server in response 
to the short message Inquiry. Further according to the 
invention, the random number generated is sent in a re- 
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sponse to the short message inquiry from the gateway 
server to both terminals. Further according to the inven- 
tion, encryption of the short-distance wireless connecr 
tion set up between the temiinals is performed using the 
aforesaid random number and encryption keys stored 
on the user identity modules of the terminals. 
[0008] In an embodiment of the invention, the random 
number is produced by generating it using the. gateway 
server. 

[0009] In an embodiment of the invention, the random 
number is produced by sending a random number re- 
quest from the gateway server to a Home Location Reg- 
ister provided in connection with the aforesaid mobile 
communication network and sending the random 
number in question from the Home Location Register to 
the gateway server in response to the request. 
[0010] In an embodiment of the invention, the target 
address of the short message inquiry comprises the 
subscriber number of the gateway server. 
[0011] In an embodiment of the invention, the infor- 
mation contained in the short message inquiry compris- 
es the IVISISDN subscriber number of the terminal se- 
lected as slave. 

[0012] In an embodiment of the Invention, the MSIS- 
DN subscriber numbers of the temninals are used as a 
selection parameter. 

[0013] In an embodiment of the Invention, for identifi- 
cation of the first temiinal by the second tenninai, the 
MSISDN subscriber number of the first terminal is pre- 
. sented on the display of the second terminal. = 
[0014] In an embodiment of the invention, the short- 
distance wireless connection set up between the termi- 
nals is encrypted by using a predetemnlned symmetrl- 
cal-key encryption technique, 

[0015] In an embodiment of the invention, the short- 
distance wireless connection is a Bluetooth connection. 
[0016] In an embodiment of the. invention, the short- 
distance wireless connection is an I rD A connection (In- 
frared Data Association). 

[0017] In an embodiment of the invention, the sub- 
scriber identity module is a USIM module (Universal 
Subscriber Identity Module). 

[0018] In an embodiment of the invention, the USIM 
module comprises a dedicated storage location, which 
comprises predetermined connection parameters asso- 
ciated with sliort-distance wireless connection setup. 
[0019] In an embodiment of theinvention.theconnec- 
tion parameters comprise the MSISDN subscriber num- 
bers of those temninals with which short-distance wire- 
less connection setup Is allowed. 
[0020] In an embodiment of the Invention, the connec- 
tion parameters comprise the MSISDN subscribernum- 
bers of those tennlnals with which short-distance wire- 
less connection setup is not allowed. 
[0021 ] in an embodiment of the invention, the connec- 
tion parameters comprise the MSISDN subscriber num- 
bers of those temninals with which short-distance wire- 
less connection setup Is only allowed after a separate 



interactive verification inquiry. 

[0022] in the present invention for the transmission of 
presence and location information between two orrhore 
terminals in a telecommunication network, said tele- 
communication network comprising a number of termi- 
nals and a number of base stations, said terminals and 
base stations communicating with each other using 
short-distance wireless connections, a first terminal is 
disposed within the coverage area of a first base station 
and a short-distance wireless connection is set up be- 
tween the first terminal and the first base station. 
[0023] According to the invention, a location server is 
provided in connection with the telecommunication net- 
work. Further according to the invention, terminal-spe- 
cific presence data, comprising an identifier of the first 
base station and an Indication of whether the first termi- 
nal in question is present within the area of the telecom- 
munication network. Is transmitted automatically from 
the first base station to the location server. Further ac- 
cording to the invention, terminal-specific location data, 
comprising an identifier of the first base station and in- 
formation indicating the base station in whose coverage 
area the first terminal In question is located, is transmit- 
ted automatically from the first base station to the loca- 
tion server. Further according to the invention, the pres- 
ence data and location data for the first terminal are au- 
tomatically transmitted from the location server to one 
or more other terminals. Further according to the inven- 
tion, when the first terminal Is moving so that Its location 
data changes, said location data is updated automati- 
cally in the location server and the updated location data 
is transmitted to one or more other temninals; Further 
according to the invention, when the first terminal Is 
moving so that its presence data changes, said pres- 
ence data is updated automatically in the location server 
and the updated location data is transmitted to one or 
more other temninals. 

[0024] In an embodiment of the invention, the SIP pro- 
tocol (Session Initiation Protocol) is utilized In transmit- 
ting the location data. The SIP protocol is a protocol 
standardized by the IETF (Internet Engineering Task 
Force), intended for the initiation of an interactive user 
session. 

[0025] In an embodiment of the invention, the SIP pro- 
tocol is utilized in transmitting the presence data. 
[0026] In an embodiment of the invention, the infor- 
mation regarding the base station In whose coverage 
area a given terminal is located, which is Included In the 
location data, comprises an additional parameter defin- 
able by the user of the terminal in question. 
[0027] In an embodiment of the Invention, when the 
terminal Is simultaneously located in the coverage areas 
of two or more different base stations, the terminal in 
question is sent a notification about the situation as well 
as a list of the base stations concemed, on the basis of 
which the base station to be transmitted in the location 
data Is selected Interactively by the userof the terminal. 
[0028] In an embodiment of the invention, the short- 
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distance wireless connections are Bluetooth .connec-, =. 
tlons. . - 

[0029] In an ennbodlment of the invention, the tele- 
communication network is a WLAN, network (Wireless . 
Local Network). s 
[0030] As compared with prior-an technology, the 
present invention provides the advantage that it facili- 
tates the setup of temporary short-distance wireless net- 
works between terminals by making network setup more 
user-friendly and visually clear. The invention enables io 
terminals trying to enter into the network to be identified 
by their MSISDN subscriber numbers. Further, the In- 
vention makes it possible to display to the user the plain- 
language names corresponding to these MSISDN sub« 
scriber numbers if said MSISDN subscriber numbers is 
are stored in the memory of the subscriber Identity mod- 
ule of the user's terminal. 

[0031] Further, the invention solves the problem of 

distribution of encryption keys by utilizing between ter- 
minals an encryption system of thetype used In present 20 
digital mobile communication networks together with the 
encryption key already existing on the subscriber Iden- 
tity module. 

[0032] Further, the Invention provides a more user- 
friendly presence service, in which the presence data 25 
and location data are updated automatically without re- 
quiring the user to personally update the data every time 
the status Is changed. Moreover, the invention allows 
the use of several additional parameters In the preserice 
service. : ■ \ r 30 

LIST OF ILLUSTRATIONS 

[0033] In the following, the Invention will be described 

in detail by the aid of embodiment examples with refer- 3s 

ence to the attached drawings, wherein 

Fig. 1 is a diagrammatic illustration of a method ac-^ 
cording to the Invention, and 

Fig. 2 is a diagrammatic Illustration of a method ac- 40 
cording to the Invention. 

DETAILED DESCRIPTION OF THE INVENTION 

[0034] Fig. 1 presents by way of example a diagram- 45 
matic illustration of a method according to the invention 
for authentication of short-distance wireless connection 
setup and for encryption of a connection set up between 
two or more mobile communication terminals in a digital 
mobile communication network, which comprises mo- so 
bile communication terminals A and B provided with a 
Bluetooth function, and a gateway server GW, a home 
location register HLR and a short message switching 
center SMSC. 

[0035] At step 1 , A starts the process of setting up a ss 
Bluetooth connection. B receives a connection setup In- 
quiry and performs a master-slave comparison. After 
the comparison, B sends a notification of the result to A, 



step 2, At step 3, a connection exists between A and B, 
but so far unauthenticated and unreliable. In the master- 
slave comparison carried out, A Is selected as master 
on the basis of the MSISDN subscriber numbers of A 
and B, so A sends a SMS short message Into the mobile 
communication network. The target address of the mes- 
sage is the gateway server's GW target number used 
as service number. The message content consists of the 
MSISDN subscriber number of B. At step 4, the mes- 
sage is transmitted to the short message switching cent- 
er, and at step 5 an eventual acknowledgement of re- 
ceipt of the message Is transmitted to A. 
[0036] At step 6, the short message switching center 
SMSC directs the message to the gateway server GW 
on the basis of the target address included in the mes- 
sage. The gateway server GW requests a random 
number for A from the home location register HLR, step 
7. At step 8, the home location register HLR returns a 
random number to the gateway server GW. Instead of 
the home location register HLR, a random number can 
also be generated e.g. directly by the gateway server 
GW. As a result of the request, the gateway server GW 
returns the same random number in a short message to 
both A and B, step 9. At step 10, the random number 
received is taken into use and the connection between 
A and B is encrypted using a symmetrical-key technique 
known in Itself. 

[0037] Fig. 2 presents a diagram illustrating by way of 
example a method according to the invention for trans- 
mitting presence and location data between two or more 
terminals In a telecommunication network, said tele- 
communication network comprising a number of termi- 
nals A, B and C, a number of base stations BS and a 
location server DB. The terminals A, B, C and the base 
stations BS communicate with each other using Blue- 
tooth connections. Fig. 2 shows terminals of three dif- 
ferent types. At steps 1 and 2, a terminal and a Bluetooth 
base station are signaling, In otherwords, they find each 
other and set up a Bluetooth connection. At steps 3 and 
4, the Bluetooth base station transmits data to the loca- 
tion server to indicate that a given client has entered the 
coverage area of this base station. In steps 5 and 6, 
which represent an altematlveto steps 3 and 4, the cli- 
ents are connected to the location server via a perma- 
nent connection. After this, all active users of the loca- 
tion service are automatically updated with information 
giving the actual locations of thetemninals. If necessary, 
authentication can be carried out using the method il- 
lustrated in Fig. 1. 

[0038] The invention Is not limited to the embodiment 
examples described above; instead, many variations 
are possible within the scope of the inventive concept 
defined In the claims. 



Claims 

1. Method for authentication of short-distance wire- 
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less connection setup and encryption of a connec- 
tion set up between two or more mobile communi- 
cation terminals in a digital mobile, communication 
networ)< comprising a number of mobile tenninals 
and a gateway server, each of said mobile tenninals 5 
comprising a subscriber Identity module and a 
short-distance wireless connection module, said 
method comprising the steps of: 

sending a short-distance wireless connection io 
setup inquiry from a first terminal to a second 

temriinal, 

identification of the first terminal by the second 
terminai, and 

selecting one of the terminals as master and is 
the other as slave , on the basis of a predeterr 
mined selection parameter, 

characterized in tiiat the method further 
comprises the steps of : 20 

sending the MSiSDIVJ subscriber number (Mo- 
bile Subscriber ISDN) of the first temninal to- 
gether with the short-distance wireless connec- 
tion setup inquiry to the second terminal, 25 
utilizing the said MSISDN subscriber number of 
the first tennninal tor Identification of the first ter- 
minal by the second temninal, 
sending a short message Inquiry from the ter- 
minal selected as masterto the gateway server, so 
generation of a random number by the gateway 
server in response to the short message in- 
quiry, 

sending the random number thus generated In 
a response to the short message inquiry from 35 
the gateway server to both terminals, and 
encrypting the short-distance wireless connec- 
tion thus set up between the terminals, using 
the aforesaid random number and encryption 
keys stored on the user Identity modules of the 40 
temiinals.- 

2. Method according to claim 1 , characterized in that 
the random number is produced by generating It us- 
ing the gateway server. 45 

3. Method according to claim 1 , characterized In that 
the random number is produced by sending a ran- 
dom number request from the gateway server to a 
home location register provided In connection with 50 
the mobile communication network and sending the 
random number In question from the home location 
register to the gateway server in response to the 
request. 

55 

4. Method according to claim 1 , 2 or 3, characterized 
In that the target address of the short message in- 
quiry comprises the target number of the gateway 



server. 

5. Method according to claim 1 , 2, 3 or 4. character- 
ized in that the information contained in the short 
message Inquiry comprises the MSISDN subscriber 
number of the terminal selected as slave. : . . 

6. Method according to claim 1 , 2, 3. 4 or 5, charac- 
terized in that the MSISDN subscriber numbers of 
the terminals are used as a selection parameter. 

7. Method according to claim 1 , 2, 3, 4 5 or 6, charac- 
terized in that, for Identification of the first terminal 
by the second terminal, the MSISDN subscriber- 
number of the first temiinai is presented on the dis- 
play of the second terminal. 

8. Method according to claim 1 , 2, 3, 4, 5, B or 7, char- 
acterized In that the short-distance wireless con- 
nection set up between the terminals is encrypted 
by using a predetermined symmetrical-key encryp- 
tion technique. . 

9. Method according to claim 1,2,3, 4, 5, 6 or 7, the 
short-^distance wireless connection is a Bluetooth 
connection. . 

10. Method according to claim 1, 2, 3, 4, 5, 6, 7 or 8, . 
characterized in that the short-distance wireless 
connection Is an IrDA connection. 

11 . Method according to claim 1 , 2, 3, 4, 5, 6, 7, 8, 9 or 
10, characterized In that the subscriber Ideritity 
nnodule Is a USIM module. : 

12. Method according to claim 11, characterized in 
that the USIM module comprises a dedicated stor- 
age location, which comprises predetermined con- 
nection parameters associated with short-distance 
wireless connection setup. 

13. Method according to claim 12, characterized in 
that the connection parameters comprise the 
MSISDN subscriber numbers of those terminals 
with which shortrdistance wireless connection set- 
up is allowed. 

1 4. Method according to claim 1 2 or 1 3, characterized 
in that the connection parameters comprise the 
MSISDN subscriber numbers of those terminals 
with which short-distance wireless connection set- 
up is not allowed. 

15. Method according to claim 12, 13 or 14, character- 
ized in that the connection parameters comprise 
the MSISDN subscriber numbers of those terminals 
with which short-distance wireless connection set- 
up is only allowed after a separate interactive veri- 
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fication inquiry. 

16. Method for the transmission of presence and loca- 
tion data between two or more temriinals in a tele- 
communication network, said telecommunication s 
network comprising a number of terminals and a 
number of base stations, said terminals and base 
stations communicating with each other using 
short-distance wireless connections, said method 
comprising the steps of: io 

disposing a first temnlnal within the coverage . 

area of a first base station, and 

setting up a short-distance wireless connection 

between the first terminal and the first base sta- is 

tion, 

characterized in that .the method further 
comprises the. steps of: 

■ r 20 

providing a location server in connection with 
the telecommunication network, 
automatically transmitting terminal-specific 
presence data, comprising an identifier of the 
first base station and an indication of whether 
the first tenninal in question is present within 
the area of the telecommunication network, 
from the first base station to the location server, 
automatically transmitting tennlnal-speclfic lo- 
cation data, comprising an identifier of the first 30 
base station and Information indicating the 
base station within whose coverage area the 
firsttennlnal In question is located, from the first 
base station to the location server, 
automatically transmitting the presence data 35 
and location data for the first temiinal from the 
location server to one or more other terminals, 
automatically updating the location data for the 
first terminal in the location server when said 
tenninal is moving so that its location data 40 
changes, and transmitting the updated location 
data to one or more other temriinals, and • 
automatically updating the presence data for 
the first terminal In the location server when 
said terminal is moving so that its presence da- 45 
ta changes, and transmitting the updated loca- 
tion data to one or more other temriinals. 

17. Method according to claim 16, characterized In 
that the SIP protocol is utilized in transmitting the so 
location data. . 

1 8. Method according to claim 1 6 or 1 7, characterized 
in that the SIP protocol is utilized in transmitting the 

presence data. • • > ^ " \ ss 

1 9. Method according to claim 1 6. 1 7 or 1 8, character- 
ized in that the information regarding the base sta- 



tion in whose coverage area a given temnlnal Is lo- 
■ cated. which is Included In the location data, com- 
prises an additional parameter definable by the user 
of the. terminal in question. 

20. Method according to claim 16, 17, 18, 19 or 20, 
characterized in that, when the terminal Is simul- 
taneously located in the coverage areas of two or 
more different base stations, the terminal in ques- 
tion is sent a notification about the situation as well 
as a list of the base stations concemed, on the basis 
of whbh the base station to be transmitted in the 
location data is selected interactively by the user of 
the tenninal. 

21. Method according to claim IB, 17, IB, 19 or 20, 
characterized in that the short-distance wireless 
connections are Bluetooth connections. 

22. Method according to claim 16, 17, 18, 19 or 20, 
characterized in that the telecommunication net- 
work is .a WI^N n etwork. - 
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